The personal blog of Peter Lee a.k.a. "China Hand"... Life is a comedy to those who think, a tragedy to those who feel, and an open book to those who read. You are welcome to contact China Matters at the address chinamatters --a-- prlee.org or follow me on twitter @chinahand.

Wednesday, October 30, 2013

> In order to fudge
the legal limitations on collection of strictly intra-US phone calls by US
persons, could the US gov ask ATT (which, I expect, has a pretty close working
relationship with Bell Canada)
to route calls either by number or in bulk to Canada and then back to the
USA? Then the NSA
could pick up the traffic on the outbound or inbound end, or the Canadians
could rummage through it on our behalf. Unfortunately, I have no concrete
information to back up this brainwave, but it would seem to be a logical way
for the NSA to advance its goal of getting all the data. Any thoughts on
this?

David Skillicorn, a professor in the
School of Computing at Queen’s University, says this is one piece of the
data-sharing relationship "that has always been carefully
constructed."

"The Americans will not use
Canadians to collect data on U.S. persons, nor will any of the other Five Eyes
countries," Skillicorn says.

"In fact, in practice, it’s as if
the five countries’ citizens were one large, collective group, and their mutual
communications are not intercepted by any in the Five Eyes community."

Poked around a bit, came up empty, didn’t pursue it.

Then, today, courtesy of Barton Gellman at the Washington
Post, there’s this, describing an NSA program that circumvents limits on
domestic surveillance by intercepting Google and Yahoo! traffic between their data centers through our Anglophone
allies/proxies:

The NSA’s principal
tool to exploit the data links is a project called MUSCULAR, operated jointly
with the agency’s British counterpart, GCHQ. From undisclosed interception
points, the NSA and GCHQ are copying entire data flows across fiber-optic
cables that carry information between the data centers of the Silicon Valley
giants.

As for that “undisclosed intercept point”, I vote for Canada
as the most likely suspect. North
American traffic traverses Canada, gets bundled off to Blighty, and stored for
sharing with the NSA.

In order to obtain free access to data
center traffic, the NSA had to circumvent gold standard security measures.
Google “goes to great lengths to protect the data and intellectual property in
these centers,” according to one of the company’s blog posts, with tightly
audited access controls, heat sensitive cameras, round-the-clock guards and
biometric verification of identities.

Google and Yahoo also pay for premium
data links, designed to be faster, more reliable and more secure. In recent
years, each of them is said to have bought or leased thousands of miles of
fiber optic cables for their own exclusive use. They had reason to think,
insiders said, that their private, internal networks were safe from prying
eyes.

In an NSA presentation slide on
“Google Cloud Exploitation,” however, a sketch shows where the “Public
Internet” meets the internal “Google Cloud” where their data resides. In
hand-printed letters, the drawing notes that encryption is “added and removed
here!” The artist adds a smiley face, a cheeky celebration of victory over
Google security.

Two engineers with close ties to
Google exploded in profanity when they saw the drawing. “I hope you publish
this,” one of them said.

Last month, long
before The Post approached Google to discuss the penetration of its cloud, vice
president for security engineering Eric Grosse announced that the company is
racing to encrypt the links between its data centers. “It’s an arms race,” he
said then. “We see these government agencies as among the most skilled players
in this game.”

Google knew, kids. Get used to it.

Another guy I’m crossing off my personal list together with
David Skillicorn is John Schindler, whose tweets, posts, and sneers are a
mainstay of defenders of the NSA:

John Schindler, a former NSA chief
analyst and frequent defender who teaches at the Naval War College, said it was
obvious why the agency would prefer to avoid restrictions where it can.

“Look, NSA has platoons of lawyers and
their entire job is figuring out how to stay within the law and maximize
collection by exploiting every loophole,” he said. “It’s fair to say the rules
are less restrictive under Executive Order 12333 than they are under FISA.”

But what about that "honesty" elixir you were peddling to the NSA in that smarmy open letter that appeared the same day Gellman's piece came out?

[H]ey, I’m fine with secrecy in principle – intelligence is conducted in
secret by its very nature. But the current crisis has exposed the Agency
to scrutiny based on falsehoods proffered by Kremlin-backed scoundrels
and their useful idiots among activists masquerading as journalists.
Time to beat that back with some honesty, what might seem scarily
radical honesty to old SIGINT hands.

...

Rebrand now while you still can and regain the public’s trust. I’m
confident that, once they understand what NSA really does, the vast
majority of Americans will be glad the Agency is on watch.

Good luck with that rebranding, "Dash":

I also think the NSA has platoons of shills and their entire
job is figuring out how to stay within the realm of plausible deniability and
minimize transparency by exploiting every loophole. But, given their commitment to suppressing instead
of informing public debate about surveillance, I don’t see any reason to trust
them or listen to them. Why anyone would
rely on Schindler for objective and honest insight into the scope and
implementation of the US surveillance regime is beyond me.

Monday, October 28, 2013

[Update: According to the Japanese Coast Guard via AFP, the PRC did its bit to escalate tensions by dispatching two Coast Guard vessels to loiter in the territorial waters of the Senkakus for two hours. AFP also added this tidbit concerning Abe's defense posture:

"You
will have to completely rid yourselves of the conventional notion that
just the existence of a defence force could act as a deterrent."

Global Times weighed in with a ferocious editorial addressing Abe's remarks to the Wall Street Journal:

Should one drone of China be fired upon, hostility between Beijing and Tokyo will be fully activated and the situation of Northeast Asia will topple like dominoes. The outbreak of a regional war is possible. Although the US' support to Japan is obvious, it's uncertain how the US will interfere. There is too much variance concerning where a China-Japan military clash will go. China has not been involved in war for a long time but a war looms following Japan's radical provocation. China's comprehensive military power, including the navy, air force and the Second Artillery Force of the PLA, is stronger than Japan's. Once a war breaks out, China will also be able to bear the economic blow better than Japan.

Since the real game in Asia is economic, not military, hopefully the legendary "cooler heads" will prevail. PL 10/28/2013]

As far as I can tell, the pundit community is continuing to
peg the needle on the obliviousness meter concerning Shinzo Abe’s China
posture.

Conventional wisdom: Abe is chugging along with domestic
economic reforms while occasionally and not particularly enthusiastically pandering
to his nationalist base with chesty responses to relentless Chinese
provocations.

What’s really going on: Encouraging tensions with China is
an integral element of Abe’s strategy to redefine the role of the Japanese
government both domestically and internationally.

Abe welcomes a polarizing environment in Asia, because it
allows Japan to position itself as the protector of the smaller Pacific states
against the Chinese behemoth. And I
think this has more—a lot more—to do with an attempt to block the extension of
PRC trade and investment hegemony in East Asia and aggrandize Japan’s economic
role at China’s expense than it does with genuine fears of a Chinese military
threat. But the Chinese military threat
must be hyped, since it enables the re-emergence of Japan as a regional
military power (and put some backbone into the anti-China alliance) despite the
anxieties of the United States, many nations in the region, and a significant
chunk of the Japanese electorate.

Lest you think I’m just acting as a Chinese homer (reflexive
Chinese partisan) in this matter, I think China is happily abetting the whole
confrontation cycle—because it sees conspicuous Japanese security unilateralism
as a wedge between Japan and the United States, and an opportunity to isolate
Japan as a disturbing and destabilizing would-be hegemon in the eyes of the
United States and the nations of the region, and not a loyal American ally.

With this perspective, let’s consider the latest iteration
of this sorry cycle of provocations, per an October 26 BBC report in which Abe does his best to exploit the opportunities for unchallengeable assertions
offered by the passive voice, anonymous allies, straw men, hypothetical scenarios,
and reflexive international dislike for the PRC (my italics for emphasis):

Japan will stand up to China, says PM Shinzo Abe

Japan's Prime Minister Shinzo Abe
says other countries want Japan to
adopt a more assertive leadership role in Asia to counter the growing power of
China.

Mr Abe told the Wall Street Journal there were "concerns that China was
trying to change the status quo by force, rather than by the rule of law".

…

China said on Saturday that if Japan
shot down Chinese drones, this would be considered "an act of war" by
Beijing.

The statement was referring to
reports that Mr Abe had approved defence plans that envisaged using air force
planes to shoot down unmanned Chinese aircraft in Japanese airspace.

…

In the interview, Mr Abe said he had
realised that "Japan is expected
to exert leadership not just on the economic front, but also in the field of
security in the Asia-Pacific".

He promised policies to counter
Japan's waning influence.

Other countries wanted Japan to
stand up to China, Mr Abe said without
naming any.

"There are concerns that China is attempting to change the status
quo by force, rather than by rule of law. But if China opts to take that path, then it won't be able to emerge
peacefully," Mr Abe says.

"So it shouldn't take that
path, and many nations expect Japan
to strongly express that view. And they hope that as a result, China will take
responsible action in the international community."

The interview comes days after Mr
Abe was reported to have approved defence plans to intercept and shoot down foreign
unmanned aircraft that ignore warnings to leave Japanese airspace.

On Saturday, China's defence
ministry responded saying: "If Japan does resort to enforcement measures
like shooting down aircraft, that is a serious provocation to us, an act of
war.

"We will undertake decisive
action to strike back, with every consequence borne by the side that caused the
trouble," spokesman Geng Yansheng said on the ministry's website.

Abe Warns China on Island Spat as Japan Dispatches Jets

Japanese Prime Minister Shinzo Abe warned he wouldn’t permit China to use
force to resolve territorial spats, as the renewed presence of Chinese aircraft
near disputed islands led its neighbor to dispatch fighter jets.

Japan sent up fighter jets for a third day yesterday after Chinese aircraft
flew between its southern islands without
entering Japanese airspace, the Self-Defense Forces said on their website. [emphasis added]

Since the Obama administration is quietly displeased with
Japan’s display of initiative (which seems to be slighting US security and
diplomatic leadership while presuming the US military might will remain on tap
if Japan gets in over its head), maybe Abe will be reframed in the Western
media as the “Netanyahu of Asia”—a tireless but self-interested and increasingly
distrusted fomenter of regional destabilization—rather than “Japan’s Thatcher”
as a recent profile chose to style him.

Sunday, October 27, 2013

I have an article in the current subscription-only CounterPunch
magazine on the NSA encryption follies.

The takeaway from the article is that, thanks to fiddling by
the NSA and its corporate partners, Internet security is a jury-rigged omnishambles. It’s as if the National Transportation Safety
Board, with the garages and auto parts suppliers playing along, had undermined
the safety standards for brakes and facilitated the insertion of multiple
points of failure in the braking system, and then encouraged everybody to drive
down the Information Superhighway at 120 miles per hour in order to give more
business to the auto repair industry.

With the powers vested in me by the Internet, I command
everyone to subscribe…now! Here’s the
link.

The piece has a different take on the NSA’s surveillance
excesses than what readers are probably accustomed to.

Edward Snowden’s core concern, and the basis of a lot of the
coverage, is anxiety over the massive scope of NSA surveillance. It looks like the US government never
abandoned the goal of Total Information Awareness, articulated during the
George W. Bush era by John Poindexter, and simply decided to implement it
clandestinely. NSA wants it all:
metadata, unencrypted data, encrypted data, the correlations, whatever.

Even for those of us who have “nothing to hide and nothing
to fear” a.k.a. nobody, this raises the specter of the Panopticon state, where
the hidden eye may be everywhere and anywhere, and the subject is pre-emptively
cowed into compliance by the fear of being observed.

I have to admit I already feel that way, to a degree. I look at the computer on my desk and see it
as a window in—to me—as well as a window out onto the WWW.

Not just for the US government which, quite frankly, I don’t
think devotes a lot of time to worrying about me. Also for Google. For instance, the web ads aren’t mass
advertising like TV commercials; they are targeted ads based on my Google
searches. Instead of telling me what’s
out there, they are trying to get inside me and push my buy buttons based on
what they think is in there. Instead
of surfing the web, I’m getting enmeshed in my personalized web of
preconceptions and plans, spun courtesy of Google, Facebook, etc. And for botnets. I assume I’ve got one. Maybe just one. I hope so. Recently, the FBI and Microsoft took down a botnet infecting 2 million
computers. I look at my computer as a
device on loan to me from the botnet when it isn’t using the CPU cycles for its
own nefarious ends.

The NSA and the US IT industry have a shared interest in
exploiting me as a data asset. The information,
services, and connectivity benefits of the Internet are just the honey pot that
lures us in. Just like newspapers and
magazines are advertising circulars with just enough journalism and
entertainment to get us to crack open the pages.

If we want to restore our digital privacy, it’s going to
take a new network: new hardware, new software, new protocols, and billions of
dollars (without any government and corporate subvention!).

Good luck with that.

Short of that, enhanced transparency and accountability from
the entities degrading the security functionality of the Internet might help.

It looks like the only way we’re going to get that is via
whistleblowers.

When the Edward Snowden revelations hit, my first reaction
was Wow. Somebody’s really stuck it to
the Man.

However, on some liberal and conservative sections of the
Intertubes, something that I call Snowden Derangement Syndrome erupted. It was as if Snowden had posted dirty
pictures of him having sex with mom. Some
seemed to take the position of Don’t you understand? We’re the Man. Edward Snowden is sticking it to us!

Well, my general take is that Edward Snowden is a
whistleblower, not a spy. It’s not my
job to help the Man sideline, discredit, silence, or incarcerate whistleblowers
in order to make His job easier.

Of course, there has been a persistent bubbling of efforts
to discredit Snowden along the lines of naif/narcissist/traitor. Things quieted down when the carefully
managed revelations of NSA domestic surveillance undercut the Snowden as
hysterical dingbat narrative, but hotted up again with the reports on US spying
on allies. You know, hurts American
interests, old news, everybody does it and, in Mike Rogers’ iteration, Europe
should be grateful because Nobody Does It Better than the US of A.

These people obviously lost the Lord Acton memo about the corrupting
nature of power—including the power bestowed on the NSA by an open-ended and
generously funded mandate, secrecy, and sufficient legal impunity to initiate
and perpetuate massive, compounded clusterfucks beyond the reach of
congressional oversight.

The Economic Times writes the “high-ranking” NSA official spoke to Bild am
Sonntag on the condition of anonymity, saying the president, “not only did not
stop the operation, but he also ordered it to continue.”

The Economic Times also reports the official told Bild am Sonntag that Obama
did not trust Merkel, wanted to know everything about her, and thus ordered the
NSA to prepare a dossier on the politician.

I don’t think that’s Edward Snowden talking. Maybe it’s the Acela Babbler, Michael Hayden,
passing on third-hand tittle-tattle. Maybe Keith Alexander is sticking the boot in as he stomps off into
retirement.

In any case, that high level gossip, my friends, is probably
more damaging to US diplomacy than the Snowden revelations, and also an
indication of the culture of impunity and malice that seems to permeate the
upper levels of the NSA and is now directed at President Obama for his
equivocal defense of the agency.

Angela Merkel is probably seriously pissed that the NSA
tapped her phone--and is bragging about it. In July, Merkel, an
East German native who has tried to draw a clear, bright line between the
security excesses of East Germany and practices in the West, had defended NSA
surveillance as qualitatively different from the Stasi since the NSA was
interested in protecting American security. By that reading, Merkel has been considered a security risk for over a
decade.

The revelation has done Germany the favor of alerting it to
the fact that its communications security technology—in which it has reposed a
high level of confidence—has been compromised.

As discussed in this article from Spiegel, German government
communications were supposedly protected by world-class non-USA encryption and
security products delivered by ex-Stasi technicians rolled into a company
called Rohde & Schwarz. The
implication of the bugging of Merkel’s phone is that the US government has
suborned and compromised Germany’s own data security apparatus. Since Rohde & Schwarz is also a NATO
supplier, perhaps the prospect of NATO contracts might have enticed them to
hand over the goodies. Or maybe the NSA
hacked and fiddled its way in without corporate assistance from R&S.

For whatever reason, one can speculate that the NSA has done
as good a job of fucking up German and NATO secure communications as it has
done with overall Internet security.